/**
 * @FileName: StoreSetController.java
 * @Author
 * @Description:
 * @Date 2016年1月6日 下午3:46:52
 * @CopyRight ZTE Corporation
 */
package cn.hpclub.server.controller.client;

import org.apache.commons.codec.digest.DigestUtils;
import org.json.JSONObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import cn.hpclub.server.constant.ClientApiConstant;
import cn.hpclub.server.model.MemberOrg;
import cn.hpclub.server.model.SmsCode;
import cn.hpclub.server.restful.API;
import cn.hpclub.server.service.LoginService;
import cn.hpclub.server.service.TokenService;
import cn.hpclub.server.util.DESCrypto;
import cn.hpclub.server.util.ResultCode;

@API("/StoreServer/StoreSet")
public class StoreSetController extends BaseClientController<MemberOrg>{
    private static Logger       log          = LoggerFactory.getLogger(StoreSetController.class);
    private final static String OLD_PASSWD   = "oldPwd";
    private final static String NEW_PASSWD   = "newPwd";

    private final static String RESET_CODE   = "RndCode";
    private final static String RESET_PASSWD = "newPassword";
    private final static String RESET_PHONE  = "phoneNumber";

    public void ChangePassword(){
        JSONObject jo = setResponseObj(ClientApiConstant.ResultCode.FAILED, ClientApiConstant.Msg.FAIL,
                                       ClientApiConstant.Msg.EMPTY);
        String oldPasswd = getPara(OLD_PASSWD);
        String newPasswd = getPara(NEW_PASSWD);
        String desPwd = getPara(ClientApiConstant.Key.PTAG);
        boolean isDesPwd = ("1".equals(desPwd)) ? true : false;

        String username = TokenService.service.getUsernameByToken(getPara(ClientApiConstant.Key.TOKEN));
        if(username == null){
            jo = setResponseObj(ClientApiConstant.ResultCode.NO_PERMISSION, ClientApiConstant.Msg.PARA_ILLEGAL,
                                ClientApiConstant.Msg.EMPTY);
            renderText(jo.toString());
            return;
        }

        LoginService loginService = new LoginService(username, oldPasswd, isDesPwd);
        ResultCode result = loginService.validate();
        // log.info("login user exist code:" + result);
        if(result == ResultCode.USER_NOT_EXIST){
            jo = setResponseObj(ClientApiConstant.ResultCode.NO_PERMISSION, ClientApiConstant.Msg.PARA_ILLEGAL,
                                ClientApiConstant.Msg.EMPTY);
            renderText(jo.toString());
            return;
        } else if(result == ResultCode.PASSWD_ERROR){
            jo = setResponseObj(ClientApiConstant.ResultCode.FAILED, ClientApiConstant.Msg.PASSWD_ERROR,
                                ClientApiConstant.Msg.EMPTY);
            renderText(jo.toString());
            return;
        }

        boolean r = loginService.modifyPasswd(newPasswd, isDesPwd);
        if(r){
            jo = setResponseObj(ClientApiConstant.ResultCode.SUCCESS_CODE, ClientApiConstant.Msg.PASSWD_MODIFIED,
                                ClientApiConstant.Msg.EMPTY);
        }
        renderText(jo.toString());

    }

    public void ResetPassword(){
        JSONObject jo = setResponseObj(ClientApiConstant.ResultCode.FAILED, ClientApiConstant.Msg.FAIL,
                                       ClientApiConstant.Msg.EMPTY);

        String phone = getPara(RESET_PHONE);
        String code = getPara(RESET_CODE);
        String pwd = getPara(RESET_PASSWD);
        String desPwd = getPara(ClientApiConstant.Key.PTAG);
        boolean isDesPwd = ("1".equals(desPwd)) ? true : false;
        // DES获取到原始密码
        if(isDesPwd){
            try{
                pwd = java.net.URLDecoder.decode(DESCrypto.decrypt(pwd, ClientApiConstant.CONSTANT_DES_KEY),
                                                 ClientApiConstant.ENCODING);
            }
            catch(Exception e){
                e.printStackTrace();
            }
        }

        // String phone = "13880936003";
        // String code = "123456";
        // String pwd = "654321";
        // log.info("ResetPassword", "phone=" + phone);
        // log.info("ResetPassword", "code=" + code);

        if(!MemberOrg.dao.isExistMemberOrg(phone)){
            jo = setResponseObj(ClientApiConstant.ResultCode.NO_PERMISSION, ClientApiConstant.Msg.ACCOUNT_NOT_EXIST,
                                ClientApiConstant.Msg.EMPTY);
            renderText(jo.toString());
            return;
        }

        if(!SmsCode.dao.verifyCode(phone, code)){
            jo = setResponseObj(ClientApiConstant.ResultCode.FAILED, ClientApiConstant.Msg.SMS_CODE_ERROR,
                                ClientApiConstant.Msg.EMPTY);
            renderText(jo.toString());
            return;
        }

        if(MemberOrg.dao.modifyPasswd(phone, DigestUtils.md5Hex(pwd))){
            SmsCode.dao.removeCode(phone);
            jo = setResponseObj(ClientApiConstant.ResultCode.SUCCESS_CODE, ClientApiConstant.Msg.PASSWD_MODIFIED,
                                ClientApiConstant.Msg.EMPTY);
            renderText(jo.toString());
            return;
        } else{
            jo = setResponseObj(ClientApiConstant.ResultCode.FAILED, ClientApiConstant.Msg.FAIL,
                                ClientApiConstant.Msg.EMPTY);
            renderText(jo.toString());
            return;
        }

    }

}
